aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Kaufmann <mail@michael-kaufmann.ch>2016-05-31 16:25:56 +0200
committerDaniel Stenberg <daniel@haxx.se>2016-05-31 19:52:45 +0200
commit7108e53fb58a194df54149e3a52c7df006f24ae7 (patch)
tree857b47b6487702d35d9a886ed8c61124342c2f72
parent6dbc23cfd86bbf8c1616759068a5909ced3dcc99 (diff)
openssl: Use correct buffer sizes for error messages
Closes #844
-rw-r--r--lib/vtls/openssl.c16
1 files changed, 8 insertions, 8 deletions
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 592bea5ff..fc1517864 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -930,8 +930,8 @@ int Curl_ossl_shutdown(struct connectdata *conn, int sockindex)
int retval = 0;
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
struct SessionHandle *data = conn->data;
- char buf[120]; /* We will use this for the OpenSSL error buffer, so it has
- to be at least 120 bytes long. */
+ char buf[256]; /* We will use this for the OpenSSL error buffer, so it has
+ to be at least 256 bytes long. */
unsigned long sslerror;
ssize_t nread;
int buffsize;
@@ -980,7 +980,7 @@ int Curl_ossl_shutdown(struct connectdata *conn, int sockindex)
/* openssl/ssl.h says "look at error stack/return value/errno" */
sslerror = ERR_get_error();
failf(conn->data, OSSL_PACKAGE " SSL read: %s, errno %d",
- ERR_error_string(sslerror, buf),
+ SSL_strerror(sslerror, buf, sizeof(buf)),
SOCKERRNO);
done = 1;
break;
@@ -3012,7 +3012,7 @@ static ssize_t ossl_send(struct connectdata *conn,
/* SSL_write() is said to return 'int' while write() and send() returns
'size_t' */
int err;
- char error_buffer[120]; /* OpenSSL documents that this must be at least 120
+ char error_buffer[256]; /* OpenSSL documents that this must be at least 256
bytes long. */
unsigned long sslerror;
int memlen;
@@ -3044,7 +3044,7 @@ static ssize_t ossl_send(struct connectdata *conn,
The OpenSSL error queue contains more information on the error. */
sslerror = ERR_get_error();
failf(conn->data, "SSL_write() error: %s",
- ERR_error_string(sslerror, error_buffer));
+ SSL_strerror(sslerror, error_buffer, sizeof(error_buffer)));
*curlcode = CURLE_SEND_ERROR;
return -1;
}
@@ -3063,8 +3063,8 @@ static ssize_t ossl_recv(struct connectdata *conn, /* connection data */
size_t buffersize, /* max amount to read */
CURLcode *curlcode)
{
- char error_buffer[120]; /* OpenSSL documents that this must be at
- least 120 bytes long. */
+ char error_buffer[256]; /* OpenSSL documents that this must be at
+ least 256 bytes long. */
unsigned long sslerror;
ssize_t nread;
int buffsize;
@@ -3095,7 +3095,7 @@ static ssize_t ossl_recv(struct connectdata *conn, /* connection data */
/* If the return code was negative or there actually is an error in the
queue */
failf(conn->data, "SSL read: %s, errno %d",
- ERR_error_string(sslerror, error_buffer),
+ SSL_strerror(sslerror, error_buffer, sizeof(error_buffer)),
SOCKERRNO);
*curlcode = CURLE_RECV_ERROR;
return -1;